There's a moment in the adoption process of most technologies when employees stop looking upon it as a burden and begin wondering how they ever lived without it. For smaller business users, it's this "aha moment" that seems to pull them past their initial apathy toward unified communications (UC) -- the integration of multiple modes of communications (voice, e-mail, instant messaging, etc.) with business processes. But user resistance is only one piece of the UC rollout puzzle: There's also setting user access policy and security. The catch is that security and access guidelines often differ by industry, which makes setting hard-and-fast rules challenging, but these policies are vital to driving user acceptance toward that aha moment and keeping the momentum going beyond it.

The experience of Ohio-based Celina Insurance Group, a 168-employee firm, illustrates how initially disinterested, even resistant, employees come to value UC. The company rolled out IBM's Lotus Sametime offering in 2000 and immediately met employee indifference. "The average age in the company was 56 years old -- not your ideal group to roll out instant chat -- so it presented some challenges," says Robert Shoenfelt, Celina's CIO.

Celina works with a large pool of independent agents, who sell policies from dozens of insurance companies. To be competitive, the company must act as swiftly as its much larger rivals. IBM's Sametime provided Celina with multiuser meetings, instant chat, and integration of data for presence awareness among other applications via a Web interface. Agents in the field could use instant chat to contact Celina underwriters about customer problems or new policies. Celina employees could also IM each other internally to solve problems while they had an agent in a separate chat. "At first, our underwriters were not happy when we put it online for agents" because they felt continually interrupted, Shoenfelt says. The CIO quashed their annoyance. "When you can tell me when the phone is going to ring, I'll tell you when you're going to get a message," he told them.

Then there was the top-down acceptance at Celina when employees realized that the company CEO had learned the technology. "There was a picture of him in his leather jacket and sunglasses [with his identity on the site]. People said, 'If he's going to use it, I guess I'm going to do it, too,'" Shoenfelt laughs.

Ultimately, acceptance came once incoming requests were handled more easily, eliminating backlog, and people could suddenly work at home as efficiently as at the office. "Everybody latched on," Shoenfelt says, adding that Sametime changed the culture of the company.

Akiba Saeedi, IBM's program director of unified communications and collaboration, calls it the "stickiness factor." UC is more likely to be accepted when you "inject it into the [existing] business process" to simplify employees' lives.

Cisco VP of SMB solutions marketing Rick Moran says vendors must spend time with clients assessing their actual needs and then fitting the solution to their business model. "You have to go in and ask customers the exact problems that they're trying to deal with." Cisco offers an answer to the immediate problem and then tries to make the solution scalable to deal with expected growth over the next few years, Moran says.

If convenience isn't enough, economic incentive tends to inspire acceptance pretty quickly, says Christian Chase, managing partner of Florida-based Everything Tradeshows, which implemented Cisco's Unified Communications 500 Series for Small Business. Cisco's solution converged voice and data, voice mail and automated attendant, and implemented VoIP. Immediately, Everything Tradeshows' telemarketer increased her speed and productivity. When she was able to dial calls straight from Outlook, it made a difference, considering she generally makes upward of 200 calls a day, Chase says. "As soon as employees realize they can make more money, they know they need this," he adds.

Gartner analyst and research VP Bern Elliot says real user acceptance comes from solid training and the understanding that some user groups will have a longer adoption period. "If you force it, it will create stress," says Elliot. "Prolonged training reduces stress." Training updates are also crucial "because people forget," he adds.

But before companies can convince users to be comfortable with the technology, they have to deal with security issues and user access policy. Elliot says security policy should come from the IT side of a company even if there is telephony involved. "Telecom is often already protected, but data is more flexible and more challenging to protect," he says.

Celina Insurance's Shoenfelt says the company feels safe with Sametime's built-in security for data, but chat does concern him. The company is concerned about "what's discoverable from a legal standpoint." Though Celina is comparatively small, it's impossible to monitor all 168 employees in addition to outside agents in every chat session. "We don't save chats," Shoenfelt says. "It's become our way of doing business. We worry about what's appropriate and what's not."

Moran says Cisco's firewall offers protection, but human error is always a threat. He offers up two tips for SMBs. "Don't have things hanging open. Turn on the firewall and wireless security," he says. Then he stresses, "Don't underestimate backup." When companies have tons of data living on a laptop, that laptop "can get dropped" and then, regardless of your UC solution and security, it's lost.

Though most out-of-the-box UC solutions now marketed to SMBs have built-in security, some industries have extra data security needs. Saeedi notes that health care companies must follow legal regulations for keeping customer information safe. Government agencies and banks have unique protection needs as well. These companies should hire consultants or attorneys that specialize in setting data security policy and strategy for their particular industry. Often these consultants work with channel partners that offer ongoing IT maintenance for UC applications.

Security also comes into question when companies decide how much data should be exposed to various groups of employees. Chase says his company carefully determined what kinds of data access each employee needed. Then users were given passwords that allowed access only to their specific data needs.

Saeedi points out that deciding user access can also be about how much bandwidth the company wants utilized. She says IT staff should ask themselves, "Do you want to turn video on? In some cases, maybe only some users will be enabled for video." Sametime enables IT staff to offer different users individualized groups of applications.

Despite the initial challenges, Chase and Shoenfelt agree that implementing UC enabled their companies to compete efficiently against much larger competitors. More importantly, their newfound efficiency has given customers in both instances the experience of having worked with a major company with lots of support resources despite the small size of each firm.